Overview

File _patchinfo of Package patchinfo.29244

<patchinfo incident="29244">
  <issue id="1207188" tracker="bnc">VUL-0: CVE-2023-23454: kernel live patch: type-confusion in the CBQ network scheduler</issue>
  <issue id="1210499" tracker="bnc">VUL-0: CVE-2023-0386: kernel live patch: FUSE filesystem low-privileged user privileges escalation</issue>
  <issue id="1210662" tracker="bnc">VUL-0: CVE-2023-2162: kernel live patch: UAF during login when accessing the shost ipaddress</issue>
  <issue id="2023-0386" tracker="cve" />
  <issue id="2023-2162" tracker="cve" />
  <issue id="2023-23454" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>nstange</packager>
  <description>This update for the Linux Kernel 5.14.21-150400_24_60 fixes several issues.

The following security issues were fixed:

- CVE-2023-0386: Fixed privileges escalation for low-privileged users in the OverlayFS subsystem (bsc#1210499).
- CVE-2023-2162: Fixed an use-after-free flaw in iscsi_sw_tcp_session_create (bsc#1210662).
- CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207188).
</description>
<summary>Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP4)</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places